ansible批量操作的优势就是不需要安装客户端,只需要在安装ansible机器上,可以批量操作能够直接链接的任何服务器。不过在生产环境中建议不要使用明码登录,不过也有一些特殊情况,必须使用明码。这里介绍一下使用ansible明码批量操作
首先,安装ansible,这里就不叙述了,可以参考:https://www.wulaoer.org/?p=1022
我的ansible已经安装好了,下面我要配置我的ansible的配置文件,因为我的客户端很多,所以需要理由不同的文件进行分类,在ansible的配置文件ansible.cfg中,定义自己的ansible的客户端配置文件路径,我把我的配置文件贴出来了
[root@wulaoer ~]# cd /etc/ansible/ [root@wulaoer ansible]# cat ansible.cfg | grep ^[^#] [defaults] inventory = /etc/ansible/inventory roles_path = /etc/ansible/roles host_key_checking = False deprecation_warnings = True command_warnings = False retry_files_enabled = False [inventory] [privilege_escalation] [paramiko_connection] [ssh_connection] [persistent_connection] [accelerate] [selinux] [colors] highlight = white verbose = blue warn = bright purple error = red debug = dark gray deprecate = purple skip = cyan unreachable = red ok = green changed = yellow diff_add = green diff_remove = red diff_lines = cyan [diff]
在这里,我只修改了host路径,有原来的文件,替换成目录。我指定目录的目的是为了方便管理客户端,例如我qa环境,dev环境或者prod环境,用在前端或者后端,也或者是日志采集或者收集等等操作的。我这里是根据的IP网段,不同网段也根据环境进行区分,主要目的是为了指定目录,而不是文件。
[root@wulaoer ~]# cat /etc/ansible/inventory/pvc_10.211 [test] CentOS2 ansible_ssh_user=root ansible_ssh_host=10.211.55.45 ansible_ssh_pass='123456' ansible_ssh_port=22 [test1] CentOS2 ansible_ssh_user=root ansible_ssh_host=10.211.55.45 ansible_ssh_pass='123456' ansible_ssh_port=22
我的ansible的host文件内容指定的做了两个模块进行区分,一个是test1一个是test模块,如果你用的是密钥就不需要加ansible_ssh_pass了。下面根据是不同的参数定义注释
Ansible Inventory 内置参数 ansible_ssh_host 定义hosts ssh地址 ansible_ssh_host=10.211.55.45 ansible_ssh_port 定义hosts ssh端口 ansible_ssh_port=22 ansible_ssh_user 定义hosts ssh认证用户 ansible_ssh_user=user ansible_ssh_pass 定义hosts ssh认证密码 ansible_ssh_pass=pass ansible_sudo 定义hosts sudo用户 ansible_sudo = www ansible_sudo_pass 定义hosts sudo密码 ansible_sudo_pass=pass ansible_sudo_exe 定义hosts sudo路径 ansible_sudo_exe=/usr/bin/sudo ansible_connection 定义hosts连接方式 ansible_connection=local ansible_ssh_private_key_file 定义hosts私钥 ansible_ssh_private_key_file=/root/key ansible_ssh_shell_type 定义hosts shell类型 ansible_ssh_shell_type=bash ansible_python_interpreter 定义hosts任务执行python路径 ansible_python_interpreter=/usr/bin/python2.6 ansible_*_interpreter 定义hosts其它语言解析路径 ansible_*_interpreter=/usr/bin/ruby
测试利用ansible的密码登录结果,我这里需要注意的是ansible的命令参数,看一下查看时间和获取ip地址
[root@wulaoer ~]# ansible test -m raw -a "date" CentOS2 | CHANGED | rc=0 >> Mon Nov 30 15:03:42 CST 2020 Shared connection to 10.211.55.45 closed. [root@wulaoer ~]# ansible test1 -m raw -a "date" CentOS2 | CHANGED | rc=0 >> Mon Nov 30 15:03:49 CST 2020 Shared connection to 10.211.55.45 closed. [root@wulaoer ~]# ansible test -m raw -a "ifconfig | grep eth0" CentOS2 | CHANGED | rc=0 >> eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 Shared connection to 10.211.55.45 closed. [root@wulaoer ~]# ansible test1 -m raw -a "ifconfig | grep eth0" CentOS2 | CHANGED | rc=0 >> eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 Shared connection to 10.211.55.45 closed.
扩展部分,在使用ansible的时候使用到了参数-i,出现错误信息如下:
[root@wulaoer roles]# ansible -i hosts test -m raw -a "ifconfig" [WARNING]: Unable to parse /etc/ansible/roles/hosts as an inventory source [WARNING]: No inventory was parsed, only implicit localhost is available [WARNING]: provided hosts list is empty, only localhost is available. Note that the implicit localhost does not match 'all' [WARNING]: Could not match supplied host pattern, ignoring: test [root@wulaoer roles]# vim ansibles ^C [root@wulaoer roles]# ls ansibles [root@wulaoer roles]# ls ansibles [root@wulaoer roles]# mv ansibles hosts [root@wulaoer roles]# ansible -i hosts test -m raw -a "ifconfig" 10.211.55.45 | FAILED | rc=-1 >> Using a SSH password instead of a key is not possible because Host Key checking is enabled and sshpass does not support this. Please add this host's fingerprint to your known_hosts file to manage this host.
这中问题是因为参数-i,-i的参数意义是指定到hosts,我在配置文件里指定的是目录,所以出现错误,只需要修改一下自己的配置即可。
您可以选择一种方式赞助本站
支付宝扫一扫赞助
微信钱包扫描赞助
赏